Use single command line option for keys in check_iat
Change-Id: Id957bfa54ec17f132ef18a591da04cac0410faac
Signed-off-by: Mate Toth-Pal <mate.toth-pal@arm.com>
diff --git a/iat-verifier/scripts/compile_token b/iat-verifier/scripts/compile_token
index 647ed0d..ef49961 100755
--- a/iat-verifier/scripts/compile_token
+++ b/iat-verifier/scripts/compile_token
@@ -35,15 +35,15 @@
parser.add_argument('-o', '--outfile',
help='''Output file for the compiled token. If this is not
specified, the token will be written to standard output.''')
- parser.add_argument('--psa-iot-profile1-keyfile',
+ parser.add_argument('-k', '--key',
help='''Path to the key in PEM format that should be used to
sign the token. If this is not specified, the token will be
unsigned.''')
- parser.add_argument('--cca-platform-token-keyfile',
+ parser.add_argument('--platform-key',
help='''Path to the key in PEM format that should be used to
sign the CCA platform token. If this is not specified,
the token will be unsigned.''')
- parser.add_argument('--cca-realm-token-keyfile',
+ parser.add_argument('--realm-key',
help='''Path to the key in PEM format that should be used to
sign the CCA Realm token. If this is not specified, the
token will be unsigned.''')
@@ -68,7 +68,7 @@
if args.hmac:
METHOD = AttestationTokenVerifier.SIGN_METHOD_MAC0
elif args.raw:
- if args.psa_iot_profile1_keyfile:
+ if args.key:
raise ValueError('A keyfile cannot be specified with --raw.')
METHOD = AttestationTokenVerifier.SIGN_METHOD_RAW
else:
@@ -78,7 +78,7 @@
verifier_class = token_verifiers[args.token_type]
if verifier_class == PSAIoTProfile1TokenVerifier:
- key = read_keyfile(args.psa_iot_profile1_keyfile, METHOD)
+ key = read_keyfile(args.key, METHOD)
if METHOD == AttestationTokenVerifier.SIGN_METHOD_SIGN1:
cose_alg = get_cose_alg_from_key(
key,
@@ -94,8 +94,8 @@
if METHOD != AttestationTokenVerifier.SIGN_METHOD_SIGN1:
logging.error('Only sign1 method is supported by this token type.\n\t')
sys.exit(1)
- platform_token_key = read_keyfile(args.cca_platform_token_keyfile, METHOD)
- realm_token_key = read_keyfile(args.cca_realm_token_keyfile, METHOD)
+ platform_token_key = read_keyfile(args.platform_key, METHOD)
+ realm_token_key = read_keyfile(args.realm_key, METHOD)
realm_token_method = AttestationTokenVerifier.SIGN_METHOD_SIGN1
platform_token_method = AttestationTokenVerifier.SIGN_METHOD_SIGN1
realm_token_cose_alg = get_cose_alg_from_key(
@@ -113,8 +113,8 @@
platform_token_key=platform_token_key,
configuration=configuration)
elif verifier_class == CCAPlatformTokenVerifier:
- key_checked = args.cca_platform_token_keyfile
- key = read_keyfile(args.cca_platform_token_keyfile, METHOD)
+ key_checked = args.platform_key
+ key = read_keyfile(args.platform_key, METHOD)
cose_alg = get_cose_alg_from_key(key, AttestationTokenVerifier.COSE_ALG_ES384)
verifier = CCAPlatformTokenVerifier(
method=AttestationTokenVerifier.SIGN_METHOD_SIGN1,
@@ -123,8 +123,8 @@
configuration=configuration,
necessity=None)
elif verifier_class == PSA_2_0_0_TokenVerifier:
- key_checked = args.psa_iot_profile1_keyfile
- key = read_keyfile(keyfile=args.psa_iot_profile1_keyfile, method=METHOD)
+ key_checked = args.key
+ key = read_keyfile(keyfile=args.key, method=METHOD)
if METHOD == AttestationTokenVerifier.SIGN_METHOD_SIGN1:
cose_alg = get_cose_alg_from_key(key, AttestationTokenVerifier.COSE_ALG_ES256)
else: